reddit hackernews mail facebook facebook linkedin


Authentication Token Obtain and Replace Extender.

The plugin is created to help automated scanning using Burp in the following scenarios:
1/ Access/Refresh token.
2/ Token replacement in XML,JSON body.
3/ Token replacement in cookies. This can be achieved using complex macro, session rules or Custom Extender in some scenarios. The rules become tricky and do not work in scenarios where the replacement text is either JSON, XML.